IETF Logo Mail Archive

Re: [regext] Security Lock anyone? (Was: Preliminary agenda for Prague, and call for agenda items)

Tongfeng Zhang <tongfeng.zhang@cira.ca> Mon, 25 February 2019 17:46 UTC

Return-Path: <tongfeng.zhang@cira.ca>
X-Original-To: regext@ietfa.amsl.com
Delivered-To: regext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D4E1B130EFE for <regext@ietfa.amsl.com>; Mon, 25 Feb 2019 09:46:50 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id i20vbhJrsnXO for <regext@ietfa.amsl.com>; Mon, 25 Feb 2019 09:46:48 -0800 (PST)
Received: from mx2.cira.ca (mx2.cira.ca [192.228.22.117]) by ietfa.amsl.com (Postfix) with ESMTP id 6AA4A129284 for <regext@ietf.org>; Mon, 25 Feb 2019 09:46:48 -0800 (PST)
X-Virus-Scanned: by SpamTitan at cira.ca
Received: from CRP-EX16-01.CORP.CIRA.CA (10.2.36.120) by CRP-EX16-01.CORP.CIRA.CA (10.2.36.120) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.1531.3; Mon, 25 Feb 2019 12:46:47 -0500
Received: from CRP-EX16-01.CORP.CIRA.CA ([fe80::55ed:64a1:685a:4753]) by CRP-EX16-01.CORP.CIRA.CA ([fe80::55ed:64a1:685a:4753%13]) with mapi id 15.01.1531.010; Mon, 25 Feb 2019 12:46:47 -0500
From: Tongfeng Zhang <tongfeng.zhang@cira.ca>
To: Erwin Lansing <erwin=40lansing.dk@dmarc.ietf.org>, "regext@ietf.org" <regext@ietf.org>
Thread-Topic: [regext] Security Lock anyone? (Was: Preliminary agenda for Prague, and call for agenda items)
Thread-Index: AdTM217VKOovYDXpRTyT+c+9wEU8PQAYIkwAAAS0nAAAAHhAgAAH0dJw
Date: Mon, 25 Feb 2019 17:46:46 +0000
Message-ID: <34c35e4c575a4e338215b919c102cdfc@cira.ca>
References: <19F54F2956911544A32543B8A9BDE0759FBF8765@NICS-EXCH2.sbg.nic.at> <8175501f-3365-c8d1-7a76-a4584e76734e@centralnic.com> <C4A68CA3-1ADE-4959-A51E-A73F4A4914DC@sidn.nl> <395DD26B-B2D1-4144-87BD-8DBCD772A8A5@lansing.dk>
In-Reply-To: <395DD26B-B2D1-4144-87BD-8DBCD772A8A5@lansing.dk>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [172.16.4.81]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/regext/OGGeI5WaKfEgmEXKQXNHMG8pLBQ>
Subject: Re: [regext] Security Lock anyone? (Was: Preliminary agenda for Prague, and call for agenda items)
X-BeenThere: regext@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Registration Protocols Extensions <regext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/regext>, <mailto:regext-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/regext/>
List-Post: <mailto:regext@ietf.org>
List-Help: <mailto:regext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/regext>, <mailto:regext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 25 Feb 2019 17:46:51 -0000

At .ca and all the TLDs CIRA operates,  we have a similar feature of registry lock.
We are interested in standardization for sure.

There is a regiOps workshop coming up in May in Bangkok. I see a fit there if regext is not the right place.

Cheers,
Tongfeng 


-----Original Message-----
From: regext <regext-bounces@ietf.org> On Behalf Of Erwin Lansing
Sent: Monday, February 25, 2019 11:25 AM
To: regext@ietf.org
Subject: Re: [regext] Security Lock anyone? (Was: Preliminary agenda for Prague, and call for agenda items)

Folks,

At .dk we also offer a form form of registry lock, called VID, which I’d like to redesign at some point.  Having a standardised, or at least similar “enough” product offering across different registries and TLDs would make it much more attractive for registrants.  Even though I won’t be in Prague, I’m certainly interested in following any standardisation effort.

Best,
Erwin



> On 25 Feb 2019, at 17.11, Marc Groeneweg <Marc.Groeneweg@sidn.nl> wrote:
> 
> All,
> 
> At SIDN (for .nl) we have our own form of registry lock called .nl control (https://www.sidn.nl/en/nl-control?language_id=2). Perhaps this can be used as input for a joined effort in increasing security around registry/registrar operations.
> 
> Regards,
> Marc Groeneweg
> 
> On 25/02/2019, 14:57, "regext on behalf of Gavin Brown" <regext-bounces@ietf.org on behalf of gavin.brown@centralnic.com> wrote:
> 
>    If a BoF happens in Prague I will certainly attend.
> 
>    On 25/02/2019 07:26, Alexander Mayrhofer wrote:
>> Antoin, all,
>> 
>> 
>> 
>> for now this is more a question / request to the group, rather than a 
>> specific agenda slot request – but:
>> 
>> 
>> 
>> In the light of the recent attacks on registration interfaces, do we 
>> want to take a fresh look at standardization of “Registry Lock” / 
>> “Security Lock”. There’s some previous work on this topic (see 
>> https://tools.ietf.org/html/draft-wallstrom-epp-registrant-problem-statement-00).
>> As Patrick pointed out, there’s also some IPR considerations in this 
>> area (See his blog post at 
>> http://www.circleid.com/posts/20150603_registry_lock_or_epp_with_two_factor_authentication/).
>> 
>> 
>> 
>> I constantly hear from registrars that “Security Lock” (our product
>> name) would be much more attractive if there wasn’t a myriad of 
>> different processes at each registry – so my take is that there’s 
>> room for standardization (which probably goes beyond the pure EPP extension).
>> I’m also hearing some fellow ccTLD colleages are interesting in a 
>> common “profile”.
>> 
>> Would regext be the right spot for such a discussion? If yes, would 
>> it be interesting to hold a 20 minutes slot in Prague? Or even a 
>> Bar-BoF before we “report back” to the working group?
>> 
>> 
>> 
>> Best,
>> 
>> Alex
>> 
>> 
>> 
>> 
>> 
>> *Von:*regext <regext-bounces@ietf.org> *Im Auftrag von *Antoin 
>> Verschuren
>> *Gesendet:* Sonntag, 24. Februar 2019 14:43
>> *An:* Registration Protocols Extensions <regext@ietf.org>
>> *Betreff:* [regext] Preliminary agenda for Prague, and call for 
>> agenda items
>> 
>> 
>> 
>> Hi all,
>> 
>> Please find the preliminary agenda for Prague attached.
>> I hope I captured everyone that has requested time to speak. If not, 
>> let the chairs know.
>> We still have a little bit of time left on the agenda, so if you have 
>> urgent agenda items, let us know as well.
>> If you are on the agenda, start preparing ;-)
>> 
>> 
>> 
>> 
>> Regards, Jim and Antoin
>> 
>> - --
>> Antoin Verschuren
>> 
>> Tweevoren 6, 5672 SB Nuenen, NL
>> M: +31 6 37682392
>> 
>> 
>> 
>> 
>> 
>> _______________________________________________
>> regext mailing list
>> regext@ietf.org <mailto:regext@ietf.org> 
>> https://www.ietf.org/mailman/listinfo/regext
>> 
>> 
>> _______________________________________________
>> regext mailing list
>> regext@ietf.org
>> https://www.ietf.org/mailman/listinfo/regext
>> 
> 
>    --
>    Gavin Brown
>    Chief Technology Officer
>    CentralNic Group plc (LSE:CNIC)
>    Innovative, Reliable and Flexible Registry Services
>    for ccTLD, gTLD and private domain name registries
>    https://www.centralnic.com/
>    +44.7548243029
> 
>    CentralNic Group plc is a company registered in England and Wales with
>    company number 8576358. Registered Offices: 35-39 Moorgate, London,
>    EC2R 6AR.
> 
> 
> _______________________________________________
> regext mailing list
> regext@ietf.org
> https://www.ietf.org/mailman/listinfo/regext

v2.23.0 | Report a Bug | By Email